Netbiter Config NetbiterConfig.exe Device Hostname Remote Overflow

high Nessus Plugin ID 43614

Synopsis

The remote Windows host contains a program that is affected by a buffer overflow vulnerability.

Description

The Netbiter Config utility is installed on the remote Windows host.
It is a configuration utility used to query and set TCP/IP network settings in NetBiter WebSCADA devices.

According to its version, the installed version of this utility does not properly handle specially crafted UDP packets with values of the 'hn' parameter longer than 32 bytes.

An anonymous remote attacker may be able to exploit this issue to overflow the application's stack and thereby execute arbitrary code subject to the privileges of the user who launched the utility. Note, though, that the flaw is reportedly triggered only when the user double-clicks on a list-box item.

Solution

Upgrade to Netbiter Config version 1.3.1 or later.

See Also

http://www.nessus.org/u?8a34a3fc

https://www.securityfocus.com/archive/1/508449/30/0/threaded

http://support.intellicom.se/showfile.cfm?FID=45

http://support.intellicom.se/getfile.cfm?FID=150&FPID=85

Plugin Details

Severity: High

ID: 43614

File Name: netbiter_config_hostname_overflow.nbin

Version: 1.240

Type: local

Family: SCADA

Published: 12/30/2009

Updated: 11/22/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/18/2009

Vulnerability Publication Date: 12/14/2009

Reference Information

CVE: CVE-2009-4462

BID: 37325

CWE: 119

CERT: 181737

Secunia: 37695